Session-state manager
Abstract
Without actually storing session-state information, the described exemplary implementations of session-state manager identify a user, validate the user's current logon state, and determine whether the user's session should expire. User identification and logon validation are checked by a server in a stateless network by generating a mathematically encoded session-state token and sending that token to a user. Subsequently, the server receives a mathematically encoded session-state token from the user and checks that token. If that token checks out, then the user is allowed continuing access under the same session. If it doesn't check out, then the user may be forced to start a new session by logging on again. Alternatively, the server may check to see if the token would check out if it had come at an earlier time block. The session-state tokens are mathematically encoded and are generated using a one-way encryption scheme. Such a one-way encrypted token is scientifically impossible to reverse-engineer. Furthermore, logon expiration is checked by the server using the same mathematically encoded session-state token. The token is checked to determine whether a predetermined number of time blocks have passed. If so, then the server will terminate the user's session.
4 Claims
1. A session-state management method comprising:
receiving a one-way encrypted, session-state token from a client, wherein the token incorporates a representation of session state of a client;
generating a one-way encrypted, confirmation session-state token; and
comparing the confirmation token with the received token;
wherein the generating step comprises forming a confirmation token that incorporates a representation of an incremental time block, if confirmation and received tokens fail to match;
generating a new one-way encrypted, confirmation session-state token, wherein the confirmation token incorporates a representation of a previous incremental time block; and
comparing the new confirmation token with the received token;
wherein the new-confirmation-token generating step comprises forming a confirmation token that incorporates a representation of an incremental time block, if confirmation and received tokens fail to match, and repeating the steps of new-confirmation-token generating and comparing the new and received tokens, wherein each subsequent reiteration of such steps employs a representation of a previous incremental time block that is previous a previous reiteration of the same steps, for a specified number of times or until compared tokens match.
2. A session-state management method comprising:
(A) receiving a one-way encrypted, session-state token from a client;
(B) generating a one-way encrypted, confirmation session-state token, wherein the confirmation token incorporates a representation of a current incremental time block;
(C) comparing the confirmation token with the received token;
(D) if the confirmation token and the received token match, (1) issuing a one-way encrypted, replacement session-state token, wherein the replacement token incorporates a representation of a current incremental time block;
(2) sending the replacement token to the client,
if the confirmation token and the received token fail to match, (3) generating a new one-way encrypted, confirmation session-state token using the one-way encryption scheme of the encryption step, wherein the token incorporates a representation of a previous incremental time block;
(4) comparing the new confirmation token with the received token;
(5) if the new confirmation and received tokens fail to match, then further comprising;
(i) repeating the steps of new-confirmation-token generating and comparing the new and received tokens, wherein each subsequent reiteration of such steps employs a representation of a previous incremental time block that is previous a previous reiteration of the same steps, for a specified number of times;
(ii) if, during the repeating step, the confirmation token matches the received token, (a) issuing a one-way encrypted, replacement session-state token, wherein the token incorporates a representation of a current incremental time block;
(b) sending the replacement token to the client.
4. A session-state management method comprising:
receiving a user-associated, encoded session-state token from a client, wherein the encoded token incorporates a representation of session-state of the user's session;
generating an encoded, confirmation session-state token;
comparing the received token with the confirmation token;
wherein the generating step comprises forming a confirmation token that incorporates a representation of a current incremental time block, if confirmation and received tokens fail to match, further comprising;
generating a new confirmation token using a representation of an incremental time block previous of the time block representation used for the previous generating step;
comparing the new confirmation token with the received token; and
if confirmation and received tokens fail to match, and repeating the steps of generating a new confirmation token and comparing the new and received tokens, wherein each subsequent reiteration of these steps uses a representation of a previous incremental time block that is a previous reiteration of the same steps, for a specified number of times or until compared tokens match.
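
The check described in the abstract and in claim 2, as an added Python example that is not code from the patent: the server recomputes the token for the current time block, steps back through earlier blocks a bounded number of times, and issues a replacement on a match. HMAC-SHA256 stands in for the unnamed "one-way encryption scheme"; the block length, lookback count, key and function names are assumptions.

```python
import hashlib
import hmac
import time

BLOCK_SECONDS = 300   # assumed length of one incremental time block
MAX_LOOKBACK = 3      # assumed "specified number of times" to step back
SERVER_KEY = b"constructed-demo-key"  # placeholder; a real key is random and secret


def time_block(now: float) -> int:
    """Map a timestamp to its incremental time block number."""
    return int(now) // BLOCK_SECONDS


def make_token(user: str, state: str, block: int, key: bytes = SERVER_KEY) -> str:
    """One-way token over (user, session state, time block).

    Fields are length-prefixed so ("ab", "c") and ("a", "bc") cannot collide.
    """
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for field in (user, state, str(block)):
        raw = field.encode("utf-8")
        mac.update(len(raw).to_bytes(4, "big") + raw)
    return mac.hexdigest()


def check_token(user, state, received, now=None, key=SERVER_KEY):
    """Return (valid, replacement_token, blocks_back).

    Regenerates the confirmation token for the current block, then for each
    previous block up to MAX_LOOKBACK. Nothing is stored server-side.
    """
    current = time_block(time.time() if now is None else now)
    for back in range(MAX_LOOKBACK + 1):
        confirmation = make_token(user, state, current - back, key)
        # Constant-time compare avoids leaking how many characters matched.
        if hmac.compare_digest(confirmation.encode(), received.encode()):
            # Match: replacement token is bound to the *current* block.
            return True, make_token(user, state, current, key), back
    return False, None, None  # too old or forged: force a new logon
```

Because nothing is stored server-side, a token stays valid until it ages past the lookback window; this sketch has no way to revoke it earlier.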
Specification